Unbolting vaults

By Robert Hackett
March 12, 2016
March 12, 2016

One image I cannot shake amid the ongoing legal dispute between Apple and the Federal Bureau of Investigation is this: The mustachioed face of newscaster Geraldo Rivera set outside vaults once owned by Al Capone, the notorious Chicago gangster. The newsman’s 2-hour live televised special—”The Mystery of Al Capone’s Vaults”—aired to much hype in April of 1986. Anticlimactically, he and his band of excavators discovered no treasure inside, save for a few discarded bottles. The event was a letdown.

I was not alive at the time of the report, but Rivera’s ultimately sheepish look has nagged at me recently. His mug haunts me in the context of Apple’s present spat with law enforcement. The tech giant has refused to comply with a court order mandating that it help the FBI unlock a terrorist’s phone. For investigators the mystery entices: Who knows what secrets that iPhone 5c might contain?

A number of factors call into question, however, the significance of this particular handset. Foremost among them, it was not the only phone used by Syed Rizwan Farook, the health inspector who last year with his wife massacred 14 coworkers at a holiday party. Farook, in fact, possessed two other phones and a laptop, as the Intercept notes. These others were personal devices—ones he took care to destroy before the slaughter. The subject of the present standoff is rather the shooter’s apparently neglected work phone, property of the San Bernardino department of public health.

“The pair left this phone in a Lexus in their garage, untouched,” notes Marcy Wheeler, an independent national security reporter, in a post on Slate. “The killer certainly didn’t treat this work phone with the same attention he did his other phones or that hard drive.”

Whether this was simple carelessness or intentional disregard on Farook’s part, no one can say for certain. But one of the cops’ own has lent credence to Wheeler’s assertion that “it doesn’t seem likely that the device in question will yield any critical information.” Jarrod Burguan, the county police chief, last month told NPR that he doubts the worth of the device’s encrypted contents. “I’ll be honest with you,” he said. “I think that there is a reasonably good chance that there is nothing of any value on the phone.”

Investigators have, after all, already retrieved Farook’s call metadata through phone records. Michael Rogers, director of the National Security Agency, confirmed with Yahoo, for instance, that his agency “didn’t find any direct overseas connections” between the shooter and terror cells abroad.

The phone in question may contain useful information, incriminating data, or further leads. But it seems altogether likelier that its value in this case lies not in what it contains, but rather in what it represents—a portal through which law enforcement (or anyone in possession of a key) may gain entry to the privately stored data of suspects (or whomever might be targeted) for years to come. On this iPhone 5c hinges the prospect of a ponderous legal precedent, in other words. However the U.S. decides to approach this deadlock between Apple and the FBI will have broad implications for the way companies, consumers, and criminals alike interact with technology in the very near future. That’s no mystery.

I just hope we will not be left standing outside these unbolted vaults with embarrassed looks on our faces in the process.

Robert Hackett

@rhhackett

robert.hackett@fortune.com

Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach me via Twitter, Cryptocat, Jabber, PGP encrypted email, Wickr, Signal, or however you (securely) prefer. Feedback welcome.


THREATS

President Obama addresses Apple vs. FBI. The nation’s leader took the stage at SXSW this year to share his thoughts on the matter of encryption. He said the government and law enforcement should somehow be able to access encrypted data. Otherwise, he said we are “fetishizing our phones above every other value.” (Fortune, Fortune)

Amazon pulls about-face. One day after cybersecurity aficionados realized and raised a hubbub about Amazon removing full disk encryption as an option in its Fire OS operating system, the company said it would add the feature back this spring. The online retailer had yanked the capability in the fall, though it took months for people to notice the change. (Fortune)

Hacker reveals Tesla details. A tinkerer was probing the latest firmware on his Tesla car when he discovered, buried within the code, a detail that potentially references an upgrade in the works: “P100D,” likely a nod to expanded battery capacity in an upcoming model. “Good hacking is a gift,” Musk later said, mentioning the white hat hacker in a tweet. (Ars Technica)

Skype co-founder back with private chat startup. Janus Friis, the Danish entrepreneur who co-founded Skype, is now executive chairman of Wire, a 50-person startup that offers encrypted messaging services. The company’s servers are based in Switzerland. (Fortune)

Sniper hacker gets NYT gig. Runa Sandvik, a cybersecurity researcher and consultant who last year hacked a “smart rifle,” said she is joining the New York Times as director of information security. Prior she taught media organizations and journalists to improve their digital security. (@runasand via Twitter, Fortune)

Self-driving car security hearing next week. On March 15, the head of Google’s driverless car program will appear before Congress to discuss the safety of autonomous cars. He will appear alongside executives from Lyft and GM. (Reuters)

Hacker makes billion-dollar typo. A misspelled word that cropped up in a fraudulent financial transaction between banks led one router to scrutinize the scam and halt the campaign. The attacker still scored $80 million. (Fortune)

Stop changing that password! Despite the insistence of IT security managers everywhere, new research shows that it’s not necessarily beneficial to ask users to constantly change their passwords. Most people use predictable transformations, like incrementing a single number . (Wired)

Ransomware hits Apple Macs. Malicious software that holds a computer’s data for ransom has migrated to Apple’s operating system. Previously, cybercriminals had mostly targeted machines running Microsoft Windows and Linux. (Fortune)

Share today’s Data Sheet with a friend:
http://fortune.com/newsletter/datasheet/

Looking for previous Data Sheets? Click here.


ACCESS GRANTED

Fortune’s Jonathan Vanian shares Intel Security tech chief Steve Grobman’s views on encryption. It’s not a moral issue, he says.

Encrypting digital data shouldn’t be considered a moral issue of good and evil. Rather, it’s a nuanced legal issue that may not be covered under existing law.

That’s one of the takeaways from a discussion about cybersecurity and data with Steve Grobman, the chief technology officer for Intel’s security group. Grobman explained during the Structure Data conference in San Francisco on Thursday that encryption is really just complex mathematics, which makes it a difficult thing to legislate.

“At the end of the day you can’t legislate the use of math any more than you can legislate the use of gravity,” said Grobman. Read the rest on Fortune.com.



ONE MORE THING

Have you been “pwned”? That’s hacker slang for, well, hacked. Computer security researcher Troy Hunt’s database of nearly 300 million stolen accounts lets people check to see whether they’ve been digitally compromised. (Vice Motherboard)

SPONSORED FINANCIAL CONTENT

You May Like